Gun Activists Guide To Privacy and Safety: VPNs, DNS, & Password Managers ~ Part Two

Disclosure: Some of the links below are affiliate links, meaning at no additional cost to you, Ammoland will earn a commission if you click through and make a purchase.

Editors Note; We actively use in our day-to-day work all the tools and techniques recommended below.
Check out Part-One of this article series.

Data Protection Virtual Private Network
Gun Activists Guide To Privacy and Safety: VPNs, DNS, & Password Managers

U.S.A.-(Ammoland.com)- We know that ISPs (internet service providers) spy on what we do online. They scan packets for content IDs. When a user sends information through the internet, it is broken up into small chunks of data called packets. A content ID is a signature of a packet that matches one of the copyright owner's file.

Any form of media can generate a content ID. Since digital data is made up of ones and zeros, it is easy to predict how an audio or video file will look when transmitted through the internet. Content ID matches attributes such as overall size. ISP use deep packet inspection techniques to determine what is in the packets.

Similar techniques can be used by hackers on public WIFI networks to steal personal data. When you connect to a public or open and often free, WIFI network, hackers and other people can see all the data that you transmit. This data could be anything from passwords to credit card numbers.

Hackers use packet sniffing programs like Wireshark to capture packets. Sniffing packets is capturing packets to see what is in them. There is a lot of other techniques like session hijacking to be able to access everything from your bank account to your Facebook account by duplicating in legitimate connection.

When you visit a website that site can see your location. When you visit a website that site will log your IP address. An IP address is like a home address in the real world. These sites can see who you have as your internet provider and your physical location.

There are ways way to keep the prying eyes off your home internet traffic and keep your mobile data private.

Virtual Private Network

Virtual Private Network
Virtual Private Network

You can use what is known as a Virtual Private Network (VPN). This method of protection is a must use for anyone that is security conscious especially if they use public WIFI networks.

A VPN uses encrypted tunnels to secure your data. The tunnel connects your computer to a remote server. That server goes out and gets the data you request and send it down the tunnel to your computer or mobile device.

To your ISP or any would be hacker they cannot see anything that you do inside the tunnel. If anyone looks at the data, it will just look like an indecipherable mess. Another advantage is that websites you visit also cannot see where your traffic originates from since the IP address it sees comes from a server and not your device. Sites like Google, Facebook, CNN, etc will have a harder time tracking you.

A new move by groups, including anti-gun organizations, is to try to have ISP censor content by blocking the user from accessing content through the ISP from the users' internet connections. ISP are already blocking content, but since the content that ISPs are blocking is illegal content like child porn, most users would never notice these sites being filtered. Groups like the Recording Industry Association of America and the Motion Picture Association of America want ISPs to block access to music and movie pirating websites.

I can envision a future when the ultra-left Southern Poverty Law Center (SPLC) starts pressuring ISPs to censor sites that they deemed to be sites of “extremist” groups. They have already begun to urging hosting providers and registrars to drop websites like www.infowars.com. How long before they target AmmoLand News? They already have pressured Social Media companies into banning groups like Patriot Prayer and influencers like Gavin McInnes. It is the next logical step in their war against free speech.

VPNs are a way around the nanny filters that an ISP might try to add. People already use VPNs to access services such as Netflix or other region blocking content on the web. By using a VPN, it puts you in control of what you want to see, and more importantly who sees you.

NordVPN

VPNs are very easy to install. I recommend NordVPN. NordVPN is the most stable and fastest VPN available today. NordVPN offers servers across the country in the world. The price depends on the length of the contract. It could be as cheap as $2.99 a month, or as expensive as $11.99 a month.

NordVPN offers instructions on configuring the VPN on multiple devices here: https://nordvpn.com/tutorials/.

Cloudflare

The only issue with VPN services is that since your traffic hits a remote server before reaching its destination is that it can be slower. For most users, the slowdown in speeds will not be noticeable. For gamers, this could be an issue.

For people that need low ping times (the time it takes for a packet to reach its destination and that destination to return the packet to the original sender), there is another alternative that isn't as secure but is better than nothing.

When a user goes to a website, their traffic first hits a domain name service (DNS) server. What these DNS servers do is takes the uniform resource locator (URL), also known as a domain name such as AmmoLand.com, and translate it into an IP address.

For example, when you type in AmmoLand.com what happens is your device contacts a DNS server and sends a request to get AmmoLand.com's IP. This process is like looking up a phone number in a phone book.

The DNS server responds by saying AmmoLand.com resolves to the IP of 104.20.40.31. (<-actual IP address) Your device then connects to the IP, and the website shows up in your web browser. This whole process takes only a few milliseconds to complete.

Most of the time your DNS server is automatically assigned to you by your ISP or the network you connect to with your device by using dynamic host configuration protocol (DHCP). The privacy issue we run into is that DNS servers store your searches.

DNS servers originally stored this data to speed up future searches. This storage is called caching. It is a good thing on the surface because repeated calls to a server can cause a delay between the servers and the users. This is called lag.

ISPs and certain DNS providers such as Google (8.8.8.8) have started using the cache for more than just speeding up searches. These companies are storing data permanently to a database of your online activity. Google does it to know what advertisements to show you. Your ISP sells your data to third parties.

A few years ago, selling your data to third parties would have been illegal, but on the behest of companies like Verizon, AT&T and Sprint, Congress voted to eliminate the restrictions on companies selling their private user database. Ever since then, companies have been doing everything possible to monetize your information.

There is a way to stop this practice. Instead of using your ISP's default DNS server or Googles DNS servers you could use Cloudflare's name server. Cloudflare is a company that protects websites for DDoS attacks (attacks a hacker uses to knock a site offline). They are the best in the business at mitigating attacks.

What also makes Cloudflare so unique in the tech world is their commitment to privacy. Because of the growing issue of companies using their DNS servers to collect personal data to sell they set up a free DNS server that anyone can use. They will not monetize your information.

Cloudflare does still cache data to speed up DNS request, but they purge the data from their service after a week. They also never tie data to a user or IP. The CEO of Cloudflare, Matthew Prince, is also a well-known privacy and free speech advocate and his company reflects his beliefs.

Another advantage of using Cloudflare's DNS servers is that they are currently the fastest DNS server in the world. Their servers crush all ISPs and even defeats the former fastest Google by a significant margin.

Cloudflare is also pro-free speech and anti-censorship. Prince is a rarity in Silicon Valley. The SPLC and various left-wing organization have called out Cloudflare to stop providing services to websites that host content that they see as objectionable.

Cloudflare has responded in a way that I wish more companies would return to this type of pressure from SPLC type groups. They ignored the demands. Prince believes it is imperative for our country that his company remains “content-neutral.” He points to the middle east where regimes censors content to maintain control of the people. Controlling information is the easiest way to control the populace.

People who live under these regimes are already using Cloudflare’s free DNS servers to access content that their countries do not want them to see. Cloudflare believes in free speech and abides by the free speech laws of the United States which sets them apart from almost all other DNS providers.


Steps For Advanced Users: To change your DNS setting on an Android phone:

  • From your app screen tap “Settings.”
  • Tap “Connections”
  • Tap “WIFI”
  • Tap the WIFI network name
  • Tap “Advanced”
  • Change IP settings “DHCP” to “Static
  • Tap “DNS 1” and enter “1.1.1.1”
  • Tap “DNS 2” and enter “1.0.0.1”
  • Tap “Save”

To change your DNS setting on an Apple phone:

    • From the home screen tap “Settings”
    • Tap “Wi-Fi”
    • Next, to the Wi-Fi network name tap the “i” with a circle around it.
    • Tap “DNS”
    • Delete the current value and enter “1.1.1.1” and “1.0.0.1”
    • Exit to save automatically.

To change your DNS setting on Windows 10:

  • Open the Control Panel
  • Click on Network and Internet
  • Under Network Sharing Center, Click on View Network Setting and Staks
  • On the left pane, click on Change adapter settings.
  • Right-click the network interface connected to the internet and select Properties.
  • Select Internet Protocol Version 4 (TCP/IPv4) from the list.
  • Click the Properties button.
  • Click the Use the following DNS server addresses option.
  • Set Preferred DNS server to 1.1.1.1
  • Set Alternative DNS server to 1.0.0.1

To change your DNS settings on a Mac:

  • Go to the Apple menu and select “System Preferences.”
  • Click the “Network” control panel,
  • Select your network interface from the left side then click the “Advanced” button in thE lower right corner of the Network window
  • Click the “DNS” tab at the top of the screen
  • Click the “+” button at the button of the “DNS Server:” window
  • Add “1.1.1.1”
  • Click the “+” button again
  • Add “1.0.0.1”
  • Click on all other listed servers one by one and click “-“
  • Click “OK”
  • Click “Apply”

Username And Password Security

VPNs or Cloudflare's DNS services offer us certain protections to prying eyes, but what happens if there is a data breach at a website that you use? If you use the same username and password for every site, all your accounts are in danger. That is a scary enough thought, but it is even more terrifying is that most of their breaches take months before companies discover that hackers have breached their systems.

There is a solution for this as well, and that solution is to use a password manager such as Dashlane.

DashLane


What Dashlane and other programs like Dashlane does is enables you to have different and hardened passwords on each site. These programs keep all your passwords in a securely encrypted database.

If hackers compromise your Twitter account by stealing your passwords, it is no big deal because with a single click of a button in the Dashlane app the password is changed and since the password is unique to the hacked account the rest of your passwords were never at risk.

These password managers all can generate strong passwords. By using random characters, your passwords are safe from people guessing your password or using a dictionary attack (trying random words). Hackers know that a lot of passwords will be the name of the target's spouse, kids, dog mixed with numbers and usually a “!” at the end of the password.

Programs like Dashlane have an added advantage of making logging into sites easier. Dashlane will log you into sites automatically and safely encrypt and store all your data. There is a free version of Dashlane, but I recommend the paid version.

Most companies that make password managers offer them for Windows, MacOS, IOS, and Android. One account will let you install it on all your devices and passwords are updated seamlessly.

Installing Dashlane is as easy to install like any other program. It can be found on the Apple App Store, the Google Play Store, BUT I recommend you go straight to the source and download it directly from their website: www.dashlane.com.

These small steps will help keep your data away from prying eyes, but these are just the beginning steps to a more secure online presence. In the digital world, like in the real world, you should always protect yourself.

More to come in Part 3: Private Browsing, Encryption, and Anti-malware,, stay safe.

Next Gun Button
Read Part 3

About John CrumpJohn Crump

John is a NRA instructor and a constitutional activist. He is the former CEO of Veritas Firearms, LLC and is the co-host of The Patriot News Podcast which can be found at www.blogtalkradio.com/patriotnews. John has written extensively on the patriot movement including 3%'ers, Oath Keepers, and Militias. In addition to the Patriot movement, John has written about firearms, interviewed people of all walks of life, and on the Constitution. John lives in Northern Virginia with his wife and sons and is currently working on a book on leftist deplatforming methods and can be followed on Twitter at @crumpyss, on Facebook at realjohncrump, or at www.crumpy.com.

10
Leave a Reply

Please Login to comment
9 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
9 Comment authors
DenielCharlesTomRusty ChainsVes Recent comment authors
  Subscribe  
Notify of
Deniel
Guest
Deniel

The main thing is to download the good VPN I, for example, use VeePN and it completely suits me

Tom
Guest
Tom

Recently discovered a new browser called “Epic Browser” which HS students have been using to get around our content filter where I work. Not only does it have a builtin VPN which you can turn ON/OFF, but you also can select which country you want to appear to be originating from. Took some doing but we were eventually able to block it….for the kids’ sake of course.

Rusty Chains
Guest
Rusty Chains

Good info, I opted to change my DNS static stuff in my router, since that covers all the devices in my home.

Ves
Guest
Ves

Nice job explaining VPN! in English.

Everyone today should use a VPN when traveling, even at home.

Clifffalling
Guest
Clifffalling

A good start for the luddites. Good points though. I see comments on this site all the time that must get logged in keyword algorithms from any one of several alphabet agencies. These goobers dont realize they are just giving their address out if ever the door pounding campaign starts.

Charles
Guest
Charles

Thank you!

Mike
Guest
Mike

Thank you, John, for the detailed info!!!

Gulcher
Guest
Gulcher

Another thing you can do to get around DNS server data collection (and speed up connections) for sites you regularly visit, is to edit your HOSTS file to list the IP of the site(s) … there is plenty of information on the web of how to do this on Windows and Linux machines… (I don’t know if there is a similar thing for Android or Apple OSes). You can also sort of BAN access to your computer by enemy sites like Google, Facebook, Amazon etc by adding them to your HOSTS file and redirecting them to your localhost (127.0.0.1 usually)… Read more »

Thomas J
Guest
Thomas J

Also, the second you open wireshark on any network it will light the you up like a Christmas tree, along with the admins, if it doesnt boot you automatically, this is literally a decades old tactic.

Thomas J
Guest
Thomas J

ProtonVPN is waaaay better than nord, its has dedicated P2P vpn’s and also has vpn’s that that use TOR after you hit their servers in Switzerland, making it nearly impossible to track your traffic, though tor is slow. The Swiss are neutral so no extradition of server logs, which are tossed anyway, but the only way anyone in the usa is getting that info is if the spooks steal it